﻿<?php
// Resume or create the PHP session; every check below reads or writes $_SESSION.
// NOTE(review): this file begins with a UTF-8 byte-order mark before the opening
// tag. PHP emits those bytes as output, so unless output buffering is enabled the
// session cookie and the later header()/setcookie() calls can fail with
// "headers already sent" - save the file without a BOM.
// NOTE(review): the session cookie flags (HttpOnly, Secure, SameSite) and
// session.use_strict_mode come from php.ini and are not set here - confirm them.
session_start();

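/**
 * Best-effort guess of the client's IP address.
 *
 * Candidates are taken from the Client-IP header first and then from each entry
 * of X-Forwarded-For. When X-Forwarded-For is present, RFC 1918 addresses are
 * skipped; a lone Client-IP value is returned as-is once it parses as an IP.
 * If no candidate qualifies, the socket peer address (REMOTE_ADDR) is returned.
 *
 * Both headers are supplied by the client unless a trusted reverse proxy
 * overwrites them, so the result is only a hint: use REMOTE_ADDR (or the value
 * set by your own proxy) for access control, throttling and audit decisions.
 * Candidates that do not parse as an IP address are discarded so that arbitrary
 * header text is never handed back to callers.
 *
 * @return string the selected address, or $_SERVER['REMOTE_ADDR'] as fallback
 */
function get_real_ip(){
    $candidates = [];
    if (!empty($_SERVER['HTTP_CLIENT_IP'])) {
        $candidates[] = $_SERVER['HTTP_CLIENT_IP'];
    }

    // The private-range filter only applies when X-Forwarded-For is present,
    // matching the long-standing behaviour of this function.
    $skipPrivate = !empty($_SERVER['HTTP_X_FORWARDED_FOR']);
    if ($skipPrivate) {
        // Split on the comma alone; proxies do not always emit ", ".
        foreach (explode(',', $_SERVER['HTTP_X_FORWARDED_FOR']) as $entry) {
            $candidates[] = $entry;
        }
    }

    foreach ($candidates as $candidate) {
        $candidate = trim($candidate);
        if (filter_var($candidate, FILTER_VALIDATE_IP) === false) {
            continue;
        }
        // eregi() was removed in PHP 7; preg_match() replaces it. The pattern
        // covers the whole 172.16.0.0/12 block, not just 172.16.x.x.
        if ($skipPrivate && preg_match('/^(10|172\.(1[6-9]|2[0-9]|3[01])|192\.168)\./', $candidate)) {
            continue;
        }
        return $candidate;
    }

    return $_SERVER['REMOTE_ADDR'];
}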
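if(!isset($_SESSION['login']) || $_SESSION['login'] != 1)
{
    // Login branch: runs only when the session is not yet authenticated.
    // Credentials come straight from the request body. Require plain strings so
    // array-valued parameters cannot reach strlen() or the comparisons below.
    $loginName = (isset($_POST['sjh']) && is_string($_POST['sjh'])) ? $_POST['sjh'] : '';
    $loginPw = (isset($_POST['pw']) && is_string($_POST['pw'])) ? $_POST['pw'] : '';
    if(strlen($loginName) <= 0)exit('手机号/用户名 不能为空');
    if(strlen($loginPw) < 6)exit('密码错误');

    // NOTE(review): the database credentials are committed in this file. Load
    // them from configuration kept outside the web root and rotate the password,
    // since anyone who has seen this source already knows it.
    $servername = "localhost";
    $username = "anters87";
    $password = "a1023315123";
    $dbname = "anters87";
    $jkmGS = 50;
    // Open the connection
    $conn = new mysqli($servername, $username, $password, $dbname);
    // Check the connection
    if ($conn->connect_error) {
        die("-1");
    }
    // set_charset() also tells the client library which charset is in use,
    // which a raw "set names" query does not.
    $conn->set_charset('utf8');

    // Look the account up by phone number (sjh) first, then by user name (yhm).
    // The request value is bound as a parameter; the column names come from
    // this fixed list and never from the request. get_result() needs mysqlnd.
    $row = null;
    foreach (['sjh', 'yhm'] as $column) {
        $lookup = $conn->prepare("SELECT * FROM hg002 WHERE {$column}=?");
        if ($lookup === false) {
            continue;
        }
        $lookup->bind_param('s', $loginName);
        if ($lookup->execute() && ($result = $lookup->get_result())) {
            $row = $result->fetch_array();
        }
        $lookup->close();
        if ($row) {
            break;
        }
    }
    if (!$row) {
        $conn->close();
        // NOTE(review): this message differs from the wrong-password one, which
        // lets a caller learn which accounts exist. Callers may match on the
        // exact text, so it is left unchanged here.
        exit('无此账号');
    }

    // NOTE(review): the stored value is compared directly with the submitted
    // password, so hg002.pw appears to hold plaintext. Migrate to
    // password_hash()/password_verify(). Until then compare as strings in
    // constant time: the previous loose != treated numeric-looking strings
    // such as "1e3" and "1000" as equal.
    // NOTE(review): no attempt limiting is visible in this file for either the
    // password or the SMS code - confirm it exists elsewhere.
    if(!hash_equals((string)$row['pw'], $loginPw)){
        $conn->close();
        exit('密码错误');
    }

    // A browser that still holds the session id issued at its last login is
    // treated as a known device and skips the SMS verification step. An empty
    // stored sid must never match, otherwise an empty cookie would pass.
    $cookieName = "002{$row['sjh']}sid";
    $storedSid = (string)$row['sid'];
    $deviceSid = (isset($_COOKIE[$cookieName]) && is_string($_COOKIE[$cookieName])) ? $_COOKIE[$cookieName] : '';
    $knownDevice = $storedSid !== '' && hash_equals($storedSid, $deviceSid);

    $newSidcs = null;
    if(!$knownDevice){
        if($row['sidcs'] >= 1 && $row['lx'] != 'zz'){
            $storedCode = isset($row['yzm']) ? (string)$row['yzm'] : '';
            $sentCode = (isset($_POST['yzm']) && is_string($_POST['yzm'])) ? $_POST['yzm'] : '';
            if($storedCode && $sentCode)
            {
                // The code is valid for three minutes after yzmsj.
                // NOTE(review): the code is not cleared after a successful
                // check, so it stays usable until it expires - confirm intent.
                if(!hash_equals($storedCode, $sentCode) || time() - $row['yzmsj'] > 3 * 60)
                    exit('验证码错误');
            }else
                exit('dxyz');
        }
        // Count this login from a new device.
        $newSidcs = (int)$row['sidcs'] + 1;
        $row['sidcs'] = $newSidcs;
    }

    // Issue a fresh session id at the point of authentication so an id that was
    // planted before login cannot be reused afterwards (session fixation).
    session_regenerate_id(true);

    $_SESSION['sjh'] = $row['sjh'];
    $_SESSION['yhm'] = $row['yhm'];
    $_SESSION['lx'] = $row['lx'];
    $_SESSION['zt'] = $row['zt'];
    $_SESSION['gjdj'] = 0;
    $_SESSION['Xdjgjc'] = $row['Xdjgjc'];
    $_SESSION['tybckfs'] = $row['tybckfs'];

    // A '!' anywhere in jkm sets the gjdj flag.
    if(!(strpos($row['jkm'],'!') === false)){
        $_SESSION['gjdj'] = 1;
    }
    $_SESSION['sid'] = session_id();
    $_SESSION['loginsj'] = time();
    // NOTE(review): login is set to 1 before the account status (zt) is
    // examined, so a disabled account ('-1') still ends up with an
    // authenticated session - confirm that 002.php enforces zt.
    $_SESSION['login'] = 1;

    // Record the new session id and login time. Values are bound as parameters;
    // sjh originates from the database row but is still data, not SQL.
    $sidValue = (string)$_SESSION['sid'];
    $loginTime = (string)$_SESSION['loginsj'];
    $accountSjh = (string)$_SESSION['sjh'];
    if ($newSidcs === null) {
        $update = $conn->prepare("UPDATE hg002 SET sid=?,loginsj=? WHERE sjh=?");
        if ($update) {
            $update->bind_param('sss', $sidValue, $loginTime, $accountSjh);
        }
    } else {
        $sidcsValue = (string)$newSidcs;
        $update = $conn->prepare("UPDATE hg002 SET sid=?,loginsj=?,sidcs=? WHERE sjh=?");
        if ($update) {
            $update->bind_param('ssss', $sidValue, $loginTime, $sidcsValue, $accountSjh);
        }
    }
    if ($update && $update->execute()) {
        // 30-day device cookie. HttpOnly keeps it away from page scripts and
        // Secure is set whenever the request arrived over HTTPS. The empty path
        // and domain keep PHP's defaults.
        // NOTE(review): the cookie value is the session id itself; a separate
        // random device token would limit what a leaked cookie exposes.
        $overHttps = !empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off';
        setcookie("002{$_SESSION['sjh']}sid", $_SESSION['sid'], time() + 30 * 24 * 60 * 60, '', '', $overHttps, true);
    }
    if ($update) {
        $update->close();
    }
    $conn->close();

    if(isset($_GET['tz']) && $_GET['tz'] == "1")
    {
        // No exit here: execution continues with the statements after this block.
        header("Location:002.php");
    }
    else
    {
        // Status reply for the caller: "2" when zt is 0, a message when the
        // account is disabled ('-1'), otherwise "1".
        if($_SESSION['zt'] == 0)exit("2");
        else if($_SESSION['zt'] == '-1')exit("账号已停用");
        else exit("1");
    }
}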
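// Reached by sessions that were already authenticated, and by a fresh login
// that asked for a redirect (tz=1). isset() avoids the undefined-index warning
// when tz is absent; with display_errors on, that warning would be printed
// before header() and break the redirect.
if(isset($_GET['tz']) && $_GET['tz'] == "1")
{
	header("Location:002.php");
}

// Status reply: "2" when zt is 0, a message when the account is disabled
// ('-1'), otherwise "1".
// NOTE(review): the redirect above is sent regardless of zt, so a disabled
// account is still forwarded to 002.php - confirm that page checks zt itself.
if($_SESSION['zt'] == 0)exit("2");
else if($_SESSION['zt'] == '-1')exit("账号已停用");
else exit('1');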
?>